Researchers are calling “GreyEnergy,” an offshoot of the BlackEnergy group that conducted a massive cyberattack on the Ukrainian power grid in 2015, an emerging threat to the Central and Eastern European power grid. Security firm ESET has released a report describing the group’s activities as focused on reconnaissance and espionage of critical infrastructure organizations, gathering information that could be in preparation for a future attack. The other offshoot of BlackEnergy, known as Telebots and infamous for their NotPetya ransomware attack in 2017, has worked closely with GreyEnergy, although their approaches have differed, with Telebots limiting themselves to cyber disruption in Ukraine and GreyEnergy working on critical infrastructure and industrial networks across the region. The groups methods and tactics have made them leaders in many malware development areas, using techniques that security companies have struggled to fix and patch.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.